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SPECIFICATION 

RECORD CARRIER WITH DISTRIBUTED DECRYPTION INFORMATION 

This invention relates to a record carrier storing copy-protected information* Examples 
of such record carriers are mainly Audio CDs, CD-ROMs, CD-Rs, CD-RWs, DVDs 
5 etc., but the invention is equally applicable to other record carriers as well, as e>g. mag- 
netic tapes, diskettes, and hard disks. 

Record carriers such as CDs or DVDs are nowadays a mass product used e.g, for dis- 
tributing audio and video content for entertainment purposes and to supply software and 
10 computer games. Moreover, certain kinds of these media such as the CD-R and the CD- 
RW* are once or several times recordable e,g, by using a CD burner. They are therefore 
also usable for short-term backup as well as for long-term archiving purposes. More- 
over, the increasing storage capacities of these devices extend their applicability even 
further, 

15 

On the other hand, the existence of these easy to handle and durable recordable media in 
connection with the digital representation of the media contents opened an easy way of 
talcing one-to-one copies of copyrighted CDs, which nowadays presents a major com- 
mercial problem for the content industries. 

20 

Accordingly, several methods for copy protection of such record carriers have been pro- 
posed in the state of the art Typically, there is a trade-off between the effort spend for 
copy protection, measured e.g. in the amount of computing power and memory required 
or public infrastructure to be installed, and the level of protection reached, Therefore, 
25 while there exist methods like e.g. asymmetric keying allowing a protection level cur- 
rently being regarded as safe, most methods being actually used with CDs do not com- 
pletely prevent copying but just make it more difficult 
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For copy protection, many methods propose to store the content to be protected in an 
encrypted form on the record carrier. Then, in order to utilize the content, e.g. to play a 
song from an audio CD, a corresponding decryption information is needed. This decryp- 
tion information may be stored on the record carrier together with the content or on a 
5 separate medium. Storing die decryption information on the record carrier together with 
the content has e.g. the drawback that a one-to-one copy is indistinguishable from the 
original and, thus, constitutes an easy way to break the copy protection. Storing the de- 
cryption information on a separate medium can prevent such easy copying by choosing 
a more difficult to copy medium as e.g. a smart card On the other hand, using a sepa- 
10 rate medium has at least the drawback that the record carrier can only be used in con- 
junction with the separate medium and, thus, requires from the user a careful joint usage 
and storage of both the record carrier and the separate medium. 

US 6,044,046 A therefore proposes to use as a separate medium a chip being physically 
1 5 integrated within the record carrier. This renders the record carrier with built-in chip as 
easy to handle as a record carrier itself. Furthermore, US 6,044,046 A discloses the 
communication interfaces of the chip and of a corresponding device for reading and/or 
writing the record carrier with built-in chip. In particular, a solution is described for 
allowing the reading and/or writing device simultaneous access to the record carrier and 
20 the built-in chip. For the full description of these and related issues the contents of 
US 6 S 044,046 A is herewith incorporated into this application by reference. 

While being an elegant solution, also the copy-protection scheme of US 6,044,046 A has 
its drawbacks. Consider e.g. the following situation of content distribution over the Inter- 

25 net, first examples of which have already been introduced. A user might buy and download 
content as e.g. a video via the Intemetin order to store it onarecord carrier. While, of course, 
the Internet is an insecure channel, there are rnetho ds known as e,g. the already mentioned 
asymmetric keying for conducting secure communications over insecure links, turning 
such insecure channels into so-called secure authenticated channels. For a more explicit 

30 description of the issues relating to secure communications over insecure links the con- 
tents of US 5,949,877 A is herewith incorporated into this application by reference. 
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Thus, assuming that also the hardware and applications being installed at the user's 
premises and participating in fee process of downloading the content have a high 
enough level of copy protection the content can be securely written e.g. to a record car- 
5 rier with built-in chip at the user's premises. But in order to do so the decrypting infor- 
mation for*the bought content has to be written to the chip at the user's premises, i.e., 
this part of the chip's memory has to be programmable. Accordingly, recordable record 
carriers with in such a way programmable built-in chips have to be commercially avail- 
able. 

10 

As a consequence, if the decryption information of a specific content once is tapped, 
e.g. by tapping the channel between the device writing to the chip and the chip, which 
might e.g. be realized by optical coupling elements, then the decryption information 
might be stored e.g. on a hard disk. Subsequently, the decryption information then 
1 5 might be published on the Internet and/or counterfeit chips might be programmed wife 
it Doing a one-to-one copy of fee contents of the record carrier on record carriers with 

such counterfeit built-in chips breaks the security mechanism. 

* 

Therefore, it is an object of this invention to provide a record carrier and a correspond- 
20 ing device for reading from it and/or writing to it that provides a higher level of protec- 
tion than the known record carriers wife built-in chips without significantly increasing 
the complexity of producing and operating such record carriers and devices. 

These objects are accomplished by 

25 a record carrier having a first area storing information, which is at least partly 

stored in encrypted form, such a part being called an asset, and which includes a 
first part of decryption information, and the record carrier further having a sec- 
ond area storing a second part of decryption information, wherein both the first 
and second parts of decryption information serve in decrypting an asset, this de- 

30 cryption being called asset decryption, 
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and by 

a device for reading from and/or writing to a record carrier as claimed in claim 
1 , wherein the device is designed 



for reading and/or writing the first part of decryption information, and 
for reading and/or writing the second part of decryption information, and 
for reading and/or writing an asset, and, 

optionally, for obtaining complete decryption information from both the first 
and second parts of decryption information, and, 

optionally, for decrypting and/or encrypting the asset with the complete de- 
cryption information, 



Whereas a device for reading from and/or writing to an inventive record carrier may 
well be designed to take over the tasks of obtaining complete decryption information 
and/or decrypting and/or encrypting an asset these tasks may also be transferred to an- 
other device being coupled to the reading and/or writing device. E.g., a processor of a 
PC containing such a reading and/or writing device as a peripheral device may take over 
one or both of these tasks. On the other hand, in a home entertainment system as e.g. an 
audio CE> or videb DVD player the integration of these tasks in the reading and/or writ- 
ing device is preferable. 

Together, the record carrier and the device for reading from and/or writing to it form a 
system for supporting copy protection according to the invention. Moreover, the inven- 
tion provides a method for reading copy-protected information from and/or writing 
copy-protected information to an inventive record carrier. 

Thus, the higher level of protection ptems from distributing the decryption information 
on at least two areas of a record carrier instead of concentrating it e.g. on the built-in 
chip alone. Distributing the decryption information on the first and second areas thus 
complicates an illegal copying of the record carrier. 
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In tills construction the first area typically serves for storing the payload information, 
e.g. the songs and/or videos and/or the computer games a user wants to purchase, The 
second area might also be a pure storage area, but in a preferred embodiment comprises 
a chip as in the record carrier with built-in chip disclosed in US 6,044,046 A, The stores 
on the first and second areas might be of the same physical nature, e.g. both being a 
pattern of pits and lands to be read via a laser, but preferably they utilize different 
physical implementations, e.g. pits and lands for the first area and some simple circuitry 
coupled with an induction coil for the second area. This gives the advantage of different 
physical channels, e.g. an optical and a radio frequency one, that can be accessed in 
parallel. In the same manner, in some embodiments it will be advantageous to 
physically clearly separate the first and second areas, e.g. implementing the first area as 
the conventional spiral pattern of a CD and positioning the second area between the 
center hole and the inner data track of the CD. This avoids mutual interference of the 
communication channels between the two areas of the record carrier and a reading 
and/or writing device. 

Embodying an inventive record carrier and its reading and/or writing device in a manner 
that the record carrier's first and second areas can be read and/or written in parallel" of- 
fers the advantage that the reading and/or writing device can handle the data on the two 
areas independently of each other, i.e. the two data streams can be processed without 
disturbing each other. Tins offers e.g. the possibility to continuously check, e.g. at regu- 
lar or irregular intervals in time, the authenticity and/or integrity of the record carrier, 
thus further complicating the use of an illegal record carrier. E.g., if the reading and/or 
writing device reads the second part of decryption information, e.g. via a radio fre- 
quency channel, only once when the record carrier is inserted in the device a hacker may 
betray the device by supplying the decryption information using specialized hacked 
equipment This kind of attack gets much more involved if the reading and/or writing 
device requests the second part of decryption information several times at e,g. irregular 
time intervals. 
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Using an inventive record carrier, the content distribution and copy-protection scheme 
can be structured in a way that at least part of the second part of decryption information 



5 equipment can be designed by industry in a way that it not able to make a complete one- 
one-copy of an inventive record carrier. Thus, the above-mentioned attack of tapping 
the decryption information and doing a one-to-one copy would not be possible with 
legal devices for writing record carriers, as e.g. a CD burner, 

10 Choosing a non-re-writable or more difficult to re-write memory type for the parts of 
the second area that need not be re-written can further increase this level of protection, 
E,g, 9 if the second area comprises a chip one may choose a ROM, a PROM, or a flash 
ROM. Then, one-to-one copying of the second area of the record carrier requires spe- 
cialized equipment or may be even completely impossible. 



The remaining claims and sub-claims disclose further advantageous embodiments of the 
invention, 

Having the second part of decryption information comprising an identifier, and, in par- 
20 ticular, an identifier being unique among all such identifiers, yields an especially high 
level of protection as even record carriers carrying the same payload can then be made 
different from each other. Thus, the invention also relates to the corresponding selection 
of an identifier, the construction of the second part of decryption information from the 
identifier, and the production of the record carrier with said second part of decryption 
25 information, Such construction may e.g. simply consist in equating the identifier with 
the second part of decryption information but may also first encrypt the identifier and/or 
enhance it with further data before using it as the second part of decryption information. 



on the second area of the record carrier need not be written at the user's premises while 
purchasing and downloading new content e.g. from the Internet Accordingly, the user's 



15 



30 
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In preferred embodiments, symmetric methods using two or even three cryptographic 
keys are used for en- and decryption. As these methods are computationally more effi- 
cient than asymmetric ones processing time is saved and memory requirements are 
lower. 



tive procedures on this chip further increases the level of protection. Examples for such 
procedures are a counter mechanism as well as an access checking procedure. For the 
latter, well-known password or PIN checking methods are known in the state of the art. 
To this end, the contents of EP 0 919 904 A2 are included in this application by refer- 
ence. Thus, different parts of the record carrier may be protected by different passwords* 
allowing e,g, the use of the record carrier by different people and/or for different pur- 
poses and/or kinds of data being stored, e.g. entertainment data, business data, and ac- 
count data. 

The second area of an inventive record area, in particular, if it is realized as a built-in 
chip, Anther offers the advantageous possibility of storing account information on the 
usage of the record carrier or the data 'and/or programs stored on it, e.g. the scores ob- 
tained in playing a stored computer game. Moreover, other personalizing information on 
the way a user wants to handle the record carrier can be stored in the second area. These 
user-specific settings, possibly in connection with the above-mentioned password 
mechanism, can serve in selecting the data, which are accessible on the recor4 carrier, 
and/or on the way such data are presented. E.g., a particular setting may determine 
which songs are played from an audio CD and in which sequence they are played. Thus, 
functionalities as e.g. Favorite Track Selection FTS and Parental Lock, currently being 
programmed into the player, will become available in the record carrier itself and, con- 
sequently, carry over to every appropriate player. Other examples for user-specific set- 
tings can be found in the personalisation of web pages found on the Internet as e.g. in 
"My Yahoo! 51 , which analogously cany over to corresponding applications concerning 
data being stored on an inventive record carrier, 



If an inventive record carrier is constructed by using a built-in chip, implementing ac- 
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If the second part of decryption information comprises an identifier, and, in particular, a 
unique identifier, this identifier can be advantageously used for indexing illegal record 
carriers on a revocation list, sometimes also called a black list Thus, if an illegal copy 
of an inventive record carrier appears on the market, the copy including a copy of the 



revocation lists to the reading and/or writing devices e.g. via legal record carriers or via 
the Internet while downloading legal content Subsequently, these devices can refuse to 
play these illegal record carriers and/or can even block their services completely or for a 
certain time. For further details concerning the well-known procedure of employing 
such revocation lists of counterfeit media the contents of US 6,028,936 are included in 
this application by reference. 

Of course, as is obvious to one skilled in the art, one may combine the above-described 
measures for obtaining an even improved copy protection. E.g., one may combine sym- 
metric encryption methods with a counter mechanism and a password checking, and 
enhance the record carrier's functionality by storing user-specific settings on the chip. 

These and further aspects and advantages of the invention will be further illustrated by 
the embodiments and, in particular, by the description of the attached figures. 

Fig. 1 shows diagrammatically an inventive record carrier. 

Fig. 2 shows a block diagram of a first embodiment of the reading and writing of data 
on an inventive record carrier, this first embodiment employing a hidden chan- 
nel between the first area of the record carrier and the reading device. 

Fig. 3 shows a block diagram of a second embodiment of the reading and writing of 

data on an inventive record carrier, this second embodiment employing a counter 
mechanism, 



identifier, this identifier can be placed on a revocation list One can then distribute such 
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Fig. 4 shows a block diagram of a third embodiment of the reading and writing of data 
on an inventive record carrier, this third embodiment employing an encrypted 
key on the first area of the record carrier, 

5 

Fig. 1 shows diagrammatically an inventive record carrier 1, whiclwnay comprise in- 
formation, with a central aperture 2 and a track 3 . The track 3 is arranged in a spiral or 
concentric pattern and comprises a first area for storing information. A second area 4 is 
also present on the record carrier 1, the second area e,g. comprising a chip. For more 
10 details on the record carrier 1 and its communication means with the device for reading 
and/or writing the record carrier 1 reference is again made to US 6,044,046 A. 

Fig, 2 shows a block diagram of a first embodiment of the reading and writing of data 
on an inventive record carrier. Left of the dotted line 20 one finds a record carrier 1 with 
15 the second area 4, which is also shown in an enlarged view below the record carrier 1 . 
Between the dotted lines 20 and 21 the processes taking place in an inventive reading 
and writing device and the storage areas used thereby are shown, and right of the dotted 
line 21 one sees the data being supplied externally to an inventive system comprising a 
reading and writing device and a record carrier. 

20 

In the embodiment of Fig. 2 the first area 3 of the record carrier 1 stores the payload 
data in a form enctypted by a symmetric encryption method using a first cryptographic 
key called the asset key AK. This encrypted payload data are referred to in the figure as 
EAK(data), The first area 3 furthermore stores as a first part of decryption information a 
25 third cryptographic key, called a hidden-channel key HCK. These items, i.e. the en- 
crypted payload data EAn(data) as well as the hidden-channel key HCK are read by the 
reading device e.g. via an optical channel by e.g. using a laser diode. In this way they 
are made available in the block 10 in the reading device. 

30 
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la this implementation, the hidden-channel key HCK can be scrambled and/or encrypted 
in a secret way on the first area 3 within the payload data HAfc(data). I.e. the HCK can be 
encrypted and/or additionally scattered within the EAic(data), this scattering e.g. being 
performed by flipping some bits of the E^data). Then, a reading device not knowing 
5 this scrambling and/or encryption scheme, in the following just referred to as scram- 
bling scheme for short, typically will ignore these few changed bits as reading errors. 
Thus, as long as the scrambling scheme is kept secret a user will not be able to obtain 
the hidden-channel key HCK explicitly. In this sense, the hidden-channel key HCK is 
read via a hidden channel between the first area 3 of the record carrier 1 and the reading 
10 device. 

The second area 4 stores as a second part of decryption information a unique identifier, 
called the unique chip-in-disc identifier UCDD, e.g. a serial number being unique among 
all inventive record carriers, and stores furthermore the asset key AK in a form en- 

15 crypted by a symmetric encryption method using a second cryptographic key, called the 
chip-in-disc key CIDK, The such encrypted asset key is referre4 to as Eqdk(AK). This 
symmetric encryption method may the same or may be a different one than the one used 
- for the encryption of the payload data above. In that, the chip-in-disc key CIDK is chor 
sen in a way that it is deducibie from the joint usage of the first and second parts of de- 

20 cryption information, i.e. from the joint usage of the hidden-channel key HCK and the 
unique chip-in-disc identifier UCID. 

The reading and decrypting of the data on record carrier 1 proceed as follows: The read- 
ing device reads e.g. via an optical channel the hidden-channel key HCK from the first 

25 area 3 into its internal block 10. Of course, if the hidden-channel key HCK is scrambled 
within the encrypted payload data E^Cdata), typically, part of these data will have to be 
read as well. Subsequently or simultaneously it further reads the unique chip-in-disc 
identifier UCID into the block 12 and the encrypted asset key Ecidk(AK) into the block 
13. Typically these two latter read processes from the second area 4 use a different 

30 channel than the reading from the first area 3 , e.g. if the second area 4 comprises a chip 
a radio frequency channel can be used. 
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Internally the reading device transfers the hidden-channel key HCK from block 10 into 
block 12, where both parts of decryption information, i.e. the hidden-channel key HCK 
as well as the unique chip-in-disc identifier UCID are used to compute the chip-in-disc 

5 key CEDK. E.g., as a concrete example, the chip-in-disc key CIDK might be computed 
via a o^e-way collision-resistant hash function H(~.) from the concatenation of the bit T 
sequences of the unique chip-in-disc identifier UCID and the hidden-channel key HCK: 
CIDK - H(UCID || HCK), Using such a hash function offers the additional advantage of 
the chip-in-disc key CIDK requiring only a small storage area on the second area 4 of 

10 record carrier 1. But, of course, instead of abash function H(...), for deriving the chip- 
in-disc key CIDK, other methods may be used as well. Further examples are the usage 
of a symmetric encryption method employing the UCID as cryptographic key and the 
HCK as data to be encrypted or vice versa, i.e. computing: CIDK = Eucm(HCK) or 



The chip-in-diso key CIDK is then internally transferred into the block 13, where it is 
used for decrypting the encrypted asset key Ecidk(AK). Afterwards, the thus obtained 
asset key AK is internally transferred into the block 11. These processes typically will 
take place, together e,g, with reading some index and/or table of contents information 
20 on the record carrier 1 , immediately after having inserted the record carrier 1 into the 
reading device. 

Then, if encrypted payioad data EAic(data) is to be decrypted, e.g. if a song from an au- 
dio CD is to be played, the reading device will read said encrypted payioad data 
25 EAjcCdata) into its internal block 10, e.g. via an optical channel, and, typically, will con- 
tinuously transfer it further into internal block 11 . In block 1 1, the asset key AK is used 
for decrypting the encrypted payioad data EyucCdata). The decrypted payioad data can 
then be further processed in the reading device, e.g. a digitally stored song will be con- 
verted to analog and played via the loudspeakers, which is not shown in the figure. 



CIDK-Ehck(UCID). 



15 



30 



Empf ansszei t 5Juii 13:38 



5.JUL.2802 13:40 CIP-DE flflCHEN 

-12- 



Fig. 2 shows furthermore the processes talcing place in receiving new content, i.e. new 
payload data, e.g. from the Internet and storing it on an inventive record carrier. In a 
bloclc 15 being external to the system of record carrier 1 and the reading and/or writing 
device for it, e.g. in a block IS residing on a server inside the Internet the new content is 
5 provided in a form K^data) encrypted by a symmetric method using an asset key AK. 
Furthermore, block 15 also provides the hidden-channel key HCK*and the asset key AK 
themselves. In order to prevent tapping the download of such new content the connec- 
tion between external block 15 and a receiving block 16 inside the writing device for 
record carrier 1 might be provided via a secure authenticated channel. 

10 

In detail, the writing of new content on the record carrier 1 then takes place as follows: 
External block 15 transfers via a secure authenticated channel the new encrypted pay- 
load data EAK(data) 9 the hidden-channel key HCK, and the asset key AK to the writer- 
internal block 16. Block 16 writes the new encrypted payload data EAic(data) and the 

15 hidden-channel key HCK, e.g. via an optical channel, on the first area 3 of the record 
carrier 1 . As already mentioned, advantageously, on the first area 3, the hidden-channel 
key HCK is scrambled within the encrypted payload data EAic(data). This scrambling 
might already be performed in the external block 1 5 or it might be performed in the 
writer-internal block 16. Furthermore, block 16 transfers the asset key AK to writer- 

20 internal block 17. 
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To conclude the writing process the asset key AK has to be encrypted and written to the 
second area 4. For that, at first the hidden-channel key HCK has to be transferred to the 
writer-internal block 10. This can be performed as in the reading process, Le., after the 

25 hidden-channel key HCK has been written to the first area 3, block 10 can read it from 
the first area 3. Alternatively, if in block 16 the hidden-channel key HCK is known ex- 
plicitly, block 16 can directly transfer it to block 10, which is indicated in Fig. 2 by a 
broken arrow, Afterwards, as in the reading process, block 10 transfers the hidden- 
channel key HCK to block 12, which reads the unique chip-in-disc identifier UCID 

30 from the second area 4, and computes from the HCK and UCID the chip-in-dlsc key 



Empfansszeit 5 * Ju I i 13:38 



* 5. JUL. 2002 13:41 



CIP-DE fifiCHEN 



NR. 369 



S. 17X30 




I20645EP-P 



-13- 



CIDK. Block 12 then transfers the ohip-in-disc key CIDK to block 17, which encrypts 
the asset key AK into Eodk(AK) by using a symmetric method employing the chip-in- 
disc key CIDK as cryptographic key, Finally, block 17 writes the encrypted asset key 
Ectok(AK)> e «S- via 311 optical channel, on the second area 4 of record carrier 1. 



Besides the encrypted paylpad data B^Cdata) and the,asset key AK, the external block 
15 might further provide additional information. An example for that are access rights. 
Access rights e.g. determine how often a song on an audio disc may be played They can 
be written to the first area 3 and/or the second area 4 of the record carrier. 1, and they 
10 can be administrated by the reading and/or writing device and/or by a built-in chip of 
the record carrier 1 . 

One skilled in the art will notice that distribution of decryption information disclosed in 
Fig. 2 implements a principle that may be summarized as "the secret coming from the 

15 disc and the uniqueness coming from the chip-in-disc". I.e., the hidden-channel key 
HCK on the first area 3 represents the secret while the unique chip-in-disc identifier 
UCJD represents the uniqueness, thus yielding via the one-way collision-resistant hash 
function H a secret and unique chip-in-disc key CIDK. But one skilled in the art will 
also notice that a reasonable level of protection is also reached with a non-unique chip- 

20 in-disc key CIDK. I.e., dropping the uniqueness restriction on the chip-in-disc identifier 
by replacing a unique UCID by a possibly non-unique chip-in-disc identifier and/or 
dropping the collision-resistance of the hash function H still improves the copy protec- 
tion of an inventive record carrier as compared to the state of the art. 

25 Such non-unique cbip4n-disc identifiers may e.g. result from overlaps between different 
manufacturers, i.e. whereas each manufecturer may produce its record carriers with 
unique chip-in-disc identifiers UCID, e.g. by using a serial number, manufacturers may 
want to save the effort to negotiate disjoint ranges of chip-in-disc identifiers between 
them. The thus resulting very rare occasions of identical chip-in-disc identifiers will not 

30 much compromise the level of protection of inventive record carriers. 
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Concerning the hidden-channel keys HCK, especially if they are to be scrambled within 
the encrypted payload data EAit(data), an advantageous choice is to generate one hidden- 
channel key HCK per title of record carrier. Le., record carriers with the same title, i.e. 
those carrying the same payload share its hidden-channel keys HCK while record carri- 
ers with different titles also use different hidden-channel fceys HCK. 

Considering some possible attacks on the inventive copy-protection mechanism, one 
can make the following observations, where in all cases it is assumed that the unique 
chip-in-disc identifier UCID cannot be re-programmed by a user. 

In trying to copy a first disc to a second one, a user may do a one-to-one copy of the first 
area 3, thereby copying the encrypted payload data EAic(data) and the hidden-channel 
key HCK. After once having tapped the transmission of the encrypted asset key 
Eodki(AK) of the first record carrier, this might e.g. be published on the Internet and a 
user disposing of the right equipment might write it on the second area 4 of the second 
record carrier. But the first and second record carriers will differ in their unique chip-in- 
disc identifiers UCID1 and UCID2 and thus in their chip-in-disc keys CIDK1 and 
CIDK2- Accordingly, the copied encrypted asset key Ecn>ia(AK) of the first record car- 
rier cannot be decrypted with the chip-in-disc key CIDK2 of the second record carrier 
rendering the copy unreadable. Thus, even if a user is able to do a one-to-one copy of all 
re-programmable parts of an inventive record carrier, the non-re-programmable unique 
chip-in-disc identifiers UCID1 and UCED2 prohibit this kind of attack. 

Copying a disc to itself is of interest just in the case of diminishing access rights, e.g. in 
the case that a video DVD may only be played once or N times. Then, when starting to 
play such a disc the encrypted asset key Eodk(AK) may be tapped and later be re- 
written to the second area 4 of this record carrier. When buying new content e.g. by 
downloading from the Internet, alternatively, instead of tapping the encrypted asset key 
Ecidk(AK) when starting to play such a disc, a user may tap this key while it is written 



5.JUL.300Z 13:41 



CIP-DE fiftCHEN 



-15- 



NR.369 S. 19/30 

Wo20645EP-P 



to the second area 4 of the record carrier. Thus, this kind of attack cannot be prohibited 
by the inventive copy-protection method. But, of course, a user will need the right 
equipment for such re-progra mming , e.g. he will need to hack a legal player. 

5 Fig. 3 shows a block diagram of a second embodiment of the reading and writing of 
data on an inventive record carrier. This second embodiment employs a counter mecha- 
nism for fiuther increasing the level of protection as will be discussed below. 

In large parts Fig. 3 corresponds to Fig. 2, Accordingly, blocks with identical functions 
1 0 have been given the same reference signs whereas blocks with similar functionality 
have been given the corresponding primed reference numeral. In the following, the de- 
scription restricts to the differences to Fig. 2. 

In Fig, 3, the second area 4 of the record carrier 1 comprises a chip 4' storing the unique 
1 5 chip-in-disc identifier UCID, a first counter G, and an encrypted version of the concate- 
nation Ecidk(AK II C e ) of the asset key AK and a second counter C t . As in Fig. 2, this 
enayption uses a symmetric method employing the chip-in-disc key CIDK as a crypto- 
graphic key. The chip 4* allows the reading and/or writing device for the record carrier 1 
only read access but no write access to the first counter Q. Therefore, this first counter 
20 d is also called the internal counter Q. In the same way, as the chip 4' grants read and 
write access to the second counter C e this is also called the external counter C c , A legal 
record carrier now is arranged in the way that the values of the internal counter Cf and 
the external counter C e are identical. 

25 Reading of the record carrier 1 of Fig. 3 then works similarly to that of Fig. 2 with the 
following differences. In block 13* corresponding to block 13 of Fig, 2 not only the as- 
set key AK is decrypted but also the external counter C©. More precisely, block 13' first 
decrypts the concatenation "AK || C e " of the asset key AK and the external counter C c , 
which is then separated into the asset key AK and the external counter Co themselves. 

30 This separation can be made possible e.g. by employing external counters C e of fixed 
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length or by using a reserved separator for the concatenation of the asset AK and the 
external counter C©. The asset key AK is, as in Fig. 2, transferred to the payload decryp- 
tion block 1 1 * corresponding to block 1 1 of Fig. 2, but is also transferred to the encryp- 
tion block 17' corresponding to block 17 of Fig. 2. The external counter C e is on the one 
hand given to the comparison block 1 8 and on the other hand to the encryption block 



The comparison block IS also reads the internal counter Q from the chip 4 7 and then 
compares the external counter C e with the internal counter C j. It transfers the result of 
this comparison to the payload decryption block 11% which will now only then decrypt 
the payload data EAic(data) if the external counter C c coincided with the internal counter 
Q. 

To complete the counter mechanism, after the external counter C e and the internal 
counter Q have been read, the chip 4' increments the internal counter Ci by 1, the read- 
ing and/or writing device in block 1 T increments the external counter C e by 1 , encrypts 
the concatenation of the asset key AK with the just incremented external counter C c 
using the chip-in-disc key CIDK, i.e. computes Ecidk(AK || C c ), and writes the result 
Ecidk(AK (I C c ) back to the chip 4\ This cares for both the external counter C e and the 
internal counter Cj on the chip 4* being incremented by 1 and, thus, coinciding again, 
and the record carrier 1 being ready for the next legal access. 

One skilled in the art will notice that the counter mechanism is based on the facts that 
the internal counter C\ cannot be influenced from outside the chip 4* while the value of 
the external counter C e is not known to a user because the hidden-channel key HCK is 
secret Then, the incrementing of the two counters in safe environments together with 
the requirement of them keeping identical values creates a further increased level of 
protection as can be seen by re-Yisiting the attack of copying a disc to itself already dis- 
cussed in connection with Fig. 2. Of course, as is assumed in all embodiments, the in- 
ternal stores of the reading and/or writing device are assumed to be safe, too 9 which can 
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e.g. be obtained by implementing them as one or several chips. Otherwise, an attacker 
would only need to tap the asset key AK inside the reading and/or writing device. 

As already mentioned, the counter mechanism successfully blocks the copying of a disc 
5 to itself This follows from the observation that restoring Ecmx(AK || C B ) to its initial 
value after having played the disc, i.e. restoring it to its value when starting to play the 
record carrier, also restores the external counter Ce to its initial value while the internal 
counter Cj already has been incremented one or more times. Thus, the two counters will 
no more coincide and the reading and/or writing device will deny access to the record 
10 carrier. 

As mentioned in the summary of the invention, these protection mechanisms can further 
be complemented by a revocation list of illegal record carriers, i.e. a revocation list can 
be used e.g. in addition to the above counter mechanism or also instead of it On detec- 
15 tion of an illegal record carrier the reading and/or writing device can execute, besides 
denying access to this record earner, a counterfeit response routine ranging from a sim- 
ple warning message to locking the device. For details, again reference is made to 
US 6,028,936, 

20 The previous embodiments shown in Figs. 2 and 3 assumed that the hidden-channel key 
HOC is read in a safe way, Le. via a hidden channel, by the reading device. This might 
e,g. be accomplished by scrambling the hidden-channel key HCK in a secret way within 
the encrypted payload data EAic(data). Of course, if this hidden channel is compromised, 
e.g. if the scrambling scheme gets known, the whole copy-protection mechanism gets 

25 compromised, Therefore, as an alternative or as an additional safety mechanism the hid- 
den-channel key HCK can be stored in encrypted form Ednk(HCK) on the first area 3 of 
the record carrier 1 . 

Fig. 4 shows a block diagram of a corresponding third embodiment of the reading and 
30 writing of data on an inventive record carrier. Again, in large parts Fig. 4 corresponds to 
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Fig. 2. Accordingly, blocks with identical functions have been given the same reference 

signs whereas blocks with similar functionality have been given the corresponding I 

primed reference numeral. In the following, the description restricts to the differences to '■ 

Fig. 2. ! 

5 i 

Instead of the hidden-channel key HCK itself the first area 3 of the record carrier 1 now | 
stores it in encrypted form Ednk(HCK), this encryption using a symmetric method em- 
ploying as a cryptographic key a fourth cryptographic key denoted as the device-node 
key DNK. This device-node key DNK is stored within a new block 19 within the read- 

10 ing and/or writing device for the record carrier 1, and as such is a property of a legal 
such device. Accordingly, block 10'of the reading and/or writing device, which corre- 
sponds to block 1 0 in Fig. 2, does not read the hidden-channel key HCK directly from 
the first area 3 but reads its encrypted version E D nk(HCK). Proceeding further, block 19 
transfers the device-node key DNK to block 10', which now decrypts the encrypted 

15 Ednk(HCK) in order to obtain the hidden-channel key HCK in the clear. The remaining 
reading process coincides with the one shown in Fig. 2. 

In the same way, if storing an encrypted version Ednk(HCK) of the hidden-channel key 
HCK, the writing of new content on a record carrier 1, as compared to Fig. 2, has to be 

20 modified accordingly, which is not shown in Fig. 4. Again, there are several possibili- 
ties. The encrypted E D nk(HCK), possibly additionally scrambled within the encrypted 
payload data EAK(data), can already be supplied by the external block 15 of Fig. 2. Al- 
ternatively, external block 15 may supply the hidden-channel key HCK in the clear to 
writer-internal block 1 6 of Fig. 2, which can then receive the device-node key DNK 

25 from block 19 to compute the encryption Ednk(HCK) and, possibly, do the scrambling 
within the EAx(data). Afterwards, as in Fig. 2, block 16 writes the encrypted payload 
data EAK(data) as well as the encrypted form Ednk(HCK) of the hidden-channel key 
HCK to the first area 3, and transfers the asset key AK to block 17. 
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To provide the hidden-channel key HCK to block 10' for the writing process, as in Fig. 
2, block 10' can read its encrypted form EdnkCHCK) from the first area 3 after block 16 
has finished its writing, get DNK from block 19 and decrypt E D nk(HCK) to HCK. Al- 
ternatively, as in Fig. 2, if block 16 explicitly disposes of tibe hidden-channel key HCK, 
it can directly transfer it to block 10'. The further writing proceeds as in Fig. 2, i.e., 
block 10' gives the HCK to block 12. Block 12 reads the UCID from the second area 4, 
computes from the HCK and the UCID the CIDK and gives that to block 17, Block 17 
encrypts the AK with the CIDK to E C idk(AK), and, finally writes the encrypted form 
Ecidk(AK) of the asset key AK to the second area 4. 

As is obvious to one skilled in the art the above embodiments can be modified in a vari- 
ety of ways while still implementing the invention. E.g., the functionalities of the dis- 
tinct blooks mentioned in the figures can be distributed in other ways or can be concen- 
trated in a single or a few chips only. Therefore, above embodiments are not to be taken 
as limiting the extent of protection of this application. 
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1. A record earner (1) having a first area (3) storing infonnatibn (data), which is at least* 
partly stored in encrypted fonn (EAftfdata)), this part being called an asset (EAK(data)), 
and which includes a first part of decryption information (HCK, Ednk(HCK)), and the 
record carrier (1) further having a second area (4) storing a second part of decryption 
information (UCID), wherein both the first (HCK) and second (UCID) parts of decryp- 
tion information serve in decrypting the asset (EAic(data)). 

2. A record carrier (1) as claimed in claim 1, 
characterized in that 

the first (3) and second areas (4) comprise storage media of a different physical land. 

3. A record carrier (1) as claimed in claim 1, 
characterized in that 

the second area (4) comprises a chip (4') for providing the store of the second area (4). 

4. A record carrier (1) as claimed in claim 1, 
characterized in that 

- a symmetric method using a first cryptographic lcey, called an asset key (AK), is 
used for asset en- and decryption, and in that 

- the asset key (AK) is stored in the second area (4) in an encrypted form, wherein for 
its encryption a symmetric encryption method has been used, this method employing 
a second cryptographic key (CIDK) in whose derivation both the first (HCK) and 
second (UCID) parts of decryption information have been used. 
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5. A record carrier (1) as claimed in claim 1, 
characterized in that 

- a third cryptographic key, called a hidden-channel key (HCK), serves in the asset 
decryption, and in that 

- the hidden-channel key (HCK) is obtainable from the first part of decryption infor- 
mation (HCK, EDfac(HCK)), in particular, that the hidden-channel key (HCK) coin- 
cides with the first part of decryption information (HCK) and that the first part of 
decryption information (HCK) is scrambled and/or encrypted within the information 
(data) stored in the first area (3). 

6. A record carrier (1) as claimed in claim 3, 
characterised in that 

~ the chip (4') is designed for storing a first counter (Q), and 

- the chip (4*) is designed for allowing an reading and/or writing device read access to 
the first counter (Q) but denying write access to it, and 

- the chip (4 s ) is designed for changing the value of the first counter (C$) each time the 
second part of decryption information (UCID) is read by an reading and/or writing 
device, and 

- the chip (4 s ) is designed for storing a second counter (Ce) in an encrypted form, 
wherein both the first (HCK) and second (UCID) parts of decryption information 
serve in decrypting the second counter (C c ). 

7. A record carrier (1) as claimed in claim 3, 
characterized in that 

the chip (4') is designed for checking the rigftt of an reading and/or writing device to 
access the record carrier (1). 
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8. A record carrier (1) as claimed in claim 1, 
Characterized in that 

the second area (4) is designed for storing user-specific settings serving in controlling 
the access of an reading and/or writing device to the record carrier (1) and/or in control- 
5 ling the manner information being read from the record carrier (1) is presented by the 
reading and/or writing device to a user of the reading and/or writing device. " 

9. A device for reading from and/or writing to arecord carrier (1) as claimed in claim 1, 
wherein the device is designed 

10 - for reading and/or writing the first part of decryption information (HCK, 
EdnkCHCK)), 

- for reading and/or writing the second part of decryption information (UCID), 

- for reading and/or writing the asset (E^data)), 

- optionally, for obtaining complete decryption information from bora the first (HCK, 
15 EdnkCHCK)) and second parts (UCID) of decryption information, and, 

- optionally, for decrypting and/or encrypting the asset (E^data)) with the complete 
decryption information. 

10. A device for reading and/or writing as claimed in claim 9, 

20 character ized in that 

- the device is designed for accessing the first (3) and second areas (4) of the record 
carrier (1) in parallel, 

1 1 . A device for reading and/or writing as claimed in claim 9, 
25 characterised in that 

- the device is designed for storing and mamtaining a revocation list of identifiers 
(UCID), and in that 

- the device is designed for at least partly refusing a user of the device access to a re- 
cord carrier (1) as claimed in claim 3 if the identifier (UCID) being stored on the re- 

30 cord carrier (1) belongs to die revocation list, 
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12. A system for supporting copy protection, the system comprising a device as claimed 
in claim 9 and a record carrier (i) as claimed in claim 1 . 

5 13. A method for reading from and/or writing to a record carrier (1) as claimed in claim 
1, with the step's: 

" leading and/or writing the first part of decryption information (HCK, E DNK (HCK)), 

- reading and/or writing the second part of decryption information (UCID), 

- reading and/or writing the asset (EAK(data)), 

10 . optionally, obtaining complete decryption inforrmtion rmm both the first (HCK, 
Ednk(HCK)) and second parts (UCID) of decryption information, and, 
_ optionally, decrypting and/or encrypting the asset (E AK (data)) with the complete 
decryption information. 

15 14. A method for producing a record carrier (1) as claimed in claim 1, with the steps: 

- selecting an identifier (UCID), in particular, selecting an identifier (UCID) being 

different ftom the identifiers (UCID) having previously been selected in the method, 

" constructing the second part of decryption information (UCID) as comprising the 
identifier (UCID), and 

20 - producing the record carrier (1) with the thus constructed second part of decryption 
information (UCID) being stored on the second area (4) of the record carrier (1). 
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ABSTRACT 

RECORD CARRIER WITH DISTRIBUTED DECRYPTION INFORMATION 

The invention relates to a system for improved copy protection comprising a record car- 
rier like a CD-RW-r or a DVD storing copy-protected information and a device for read- 
5 ing from and/or writing to the record carrier. For that the record carrier (1) has a first 
area (3) storing information (data), which is at least partly stored in encrypted form 
(EAK(data)), this part being called an asset ^(data)), and which includes a first part of 
decryption information (HCIC, Ednk(HCK)), and the record carrier (1 ) further has a sec- 
ond area (4) storing a second part of decryption information (UCID), wherein both the 
10 first (HCK) and second (UCID) parts of decryption information serve in decrypting an 
asset (E^data)). Such distribution of decryption information over at least two areas of 
the record carrier may further be combined with additional safety mechanisms as e.g. 
hidden channels, encrypted keys, counter mechanisms, and revocation lists. 

1 5 For publication with the abstract; Fig. 2 
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